<?php
class InitAclController extends AppController {
	var $name = 'InitAcl' ;
	var $component = array ( 'Acl' ) ;
	var $uses = array ( ) ;
	
	function setupAcl () {
		$aro = new aro ( ) ;
		
		$aro->create () ;
		$aro->save ( array ( 'model' => 'User' , 'foreign_key' => null , 'parent_id' => null , 'alias' => 'Admin' ) ) ;
		
		$aro->create () ;
		$aro->save ( array ( 'model' => 'User' , 'foreign_key' => null , 'parent_id' => null , 'alias' => 'User' ) ) ;
		
		$aro->create () ;
		$aro->save ( array ( 'model' => 'User' , 'foreign_key' => null , 'parent_id' => null , 'alias' => 'Guest' ) ) ;
		
		$parent = $aro->findByAlias ( 'Admin' ) ;
		$parentId = $parent [ 'Aro' ] [ 'id' ] ;
		
		$aro->create () ;
		$aro->save ( array ( 'model' => 'User' , 'foreign_key' => 1 , 'parent_id' => $parentId , 'alias' => 'User::1' ) ) ;
		
		$aco = new Aco ( ) ;
		$aco->create () ;
		$aco->save ( array ( 'model' => 'User' , 'foreign_key' => null , 'parent_id' => null , 'alias' => 'User' ) ) ;
		
		$aco->create () ;
		$aco->save ( array ( 'model' => 'Post' , 'foreign_key' => null , 'parent_id' => null , 'alias' => 'Post' ) ) ;
		
		// Give admin full control over acos 'User' & 'Post'		$this->Acl->allow ( 'Admin', 'User', '*' ) ;
		$this->Acl->allow ( 'Admin', 'Post', '*' ) ;
		
		// Give the user group only create & read access for 'Post' 		$this->Acl->allow ( 'User', 'Post', array ( 'create' , 'read' ) ) ;
		
		// Give the Guests only create access for 'User'		$this->Acl->allow ( 'Guest', 'User', 'create' ) ;
	}
}
?>